Android malware masquerading as Google+ app
Lance Whitney, CNETNews, 8/16/2011
A new flavor of Android malware is disguising itself as a Google+ app in an attempt to capture instant messages, GPS, location, call logs, and other sensitive data.
Uncovered by the team at Trend Micro, the new malware known as ANDROIDOS_NICKISPY.C can also automatically answer and record phone calls. To capture data, the app loads at boot-up and runs certain services that can monitor messages, phone calls, and the user’s location, thereby stealing e-mail and other content.
Detailing its findings in a blog Friday, Trend Micro said it discovered that the malicious app tries to trick people by installing itself under the name Google++.
But instead of providing access to Google’s new social network, the app sends its stolen user data to a remote site where presumably cybercriminals can grab it. Unlike some malware in the past that masqueraded as legitimate apps through Google’s Android Market, this particular one must be downloaded by an unsuspecting user from a malicious Web site and then manually installed.
And even if installed, the app can be uninstalled from an Android device by selecting Settings > Application > Manage applications, choosing Google++ and then clicking Uninstall, according to Trend Micro.
Trend Micro gives the app a low-risk rating, but it’s still something that Android owners should be sure to avoid.
In: Android, Mobile Technology · Tagged with: GPS, IM, Malware